LockBit Ransomware Gang Resurfaces With New Site

February 26, 2024 at 08:51AM The LockBit ransomware operators faced law enforcement disruption, seizure of servers, and the arrest of individuals. Authorities obtained decryption keys and offered rewards. LockBitSupp launched a new leak site, attributed the takedown to a PHP flaw, and announced improvements. LockBit faced decline and struggles attracting affiliates. The true masterminds behind …

Hackers exploit critical RCE flaw in Bricks WordPress site builder

February 19, 2024 at 12:56PM Hackers are exploiting a critical remote code execution flaw in the Bricks Builder Theme, allowing them to run malicious PHP code on vulnerable sites. A fix in version 1.9.6.1 was released on February 13 to address the vulnerability (CVE-2024-25600). Active exploitation attempts began on February 14, with specific IP addresses …

LockBit claims ransomware attack on Fulton County, Georgia

February 14, 2024 at 06:08PM LockBit ransomware group claims responsibility for cyberattack on Fulton County, Georgia, threatening to leak sensitive data unless a ransom is paid. The attack, causing IT outages in phone, court, and tax systems, still impacts the county weeks later. Despite the breach, no indication of stolen sensitive information was found, but …

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

January 31, 2024 at 03:00AM Pawn Storm, also known as APT28 and Forest Blizzard, has been utilizing brute force and stealth tactics to launch NTLMv2 hash relay attacks against high-value targets, particularly government departments, from April 2022 to November 2023. The group’s aggressive and repetitive spear-phishing campaigns mask their advanced and stealthy post-exploitation actions, often …

Tesla hacks make big bank at Pwn2Own’s first automotive-focused event

January 28, 2024 at 08:35PM Trend Micro’s Zero Day Initiative held an automotive-focused Pwn2Own event in Tokyo, awarding over $1.3 million for 49 vehicle-related zero day vulnerabilities. Synacktiv secured $450,000 for demonstrating six successful exploits, including gaining root access to a Tesla Modem. Additionally, critical vulnerabilities in various products were reported, urging prompt installation of …

The Week in Ransomware – January 26th 2024 – Govts strike back

January 27, 2024 at 12:19PM Governments imposed sanctions on ransomware operators this week. Australian, US, and UK governments sanctioned Aleksandr Ermakov for the 2022 Medibank hack with REvil. US sentenced Vladimir Dunaev to prison for TrickBot malware involvement. Multiple ransomware attacks and new variants were also reported this week, impacting various industries. Security researchers uncovered …

Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice

January 26, 2024 at 07:37AM Pwn2Own Automotive’s first edition ended with competitors earning $1,323,750, hacking Tesla twice, and demonstrating 49 zero-day bugs in electric car systems at the Tokyo, Japan contest. Team Synacktiv won $450,000, fuzzware.io $177,500, and Midnight Blue/PHP Hooligans $80,000. The next competition is scheduled for March 20th in Vancouver. Further details can …

Russian TrickBot malware dev sentenced to 64 months in prison

January 25, 2024 at 01:56PM Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his involvement in creating and distributing the Trickbot malware. He pleaded guilty to charges of computer fraud and identity theft, and extradition to the US was completed in October 2021. Dunaev’s role in the …

How to secure AD passwords without sacrificing end-user experience

January 24, 2024 at 10:19AM Hackers attempted 1,287 password attacks per second in 2022, highlighting the importance of strong password security. Many users still use easy-to-guess passwords, creating security vulnerabilities. Organizations can promote longer, unique passwords and correlate password expiration with password length to enhance security. Tools like Specops Password Policy can help enforce these …

Hackers target Microsoft SQL servers in Mimic ransomware attacks

January 9, 2024 at 01:57PM Financially motivated Turkish hackers are targeting Microsoft SQL servers worldwide, encrypting victims’ files using Mimic ransomware. Tracked as RE#TURGENCE, the attacks have hit targets in the EU, US, and Latin America. The hackers compromise insecure MSSQL servers using brute force attacks, then deploy ransomware payloads and execute other malicious activities. …